Sunday, December 18, 2011

User Mode vs Kernel Mode & How to switch modes

Dual-Mode Operation

  • In order to ensure the proper execution of the OS, we must be able to distinguish between the execution of operating-system code and user-defined
  • At the very least, we need two separate modes of operation: user mode and kernel mode (also called supervisor mode, system mode, or privileged mode). A bit, called the mode bit is added to the hardware of the computer to indicate the current mode: kernel (0) or user (1).
  • User mode: only a subset of the instruction set may be executed, and only a limited set of hardware and memory is accessible.
    • I/O protection: all I/O operations are privileged, so user programs can only access I/O by sending a request to the (controlling) OS.
    • Memory protection: base/limit registers (in early systems) or a memory management unit (MMU, in modern systems), so user programs can only access the memory that the OS has allocated to them.
    • CPU control: a timer (alarm clock) and context switching, so user programs can only read the time of day, and can only have as much CPU time as the OS allocates.
  • When a user application requests a service from the OS (via a system call), it must transition from user to kernel mode to fulfil the request.

  • The dual mode of operation provides us with the means for protecting the OS from errant users, and errant users from one another.
  • If an attempt is made to execute a privileged instruction in user mode, the hardware does not execute the instruction but rather treats it as illegal and traps it to the OS.
  • The life cycle of instruction execution in a computer system. Initial control is within the OS, where instructions are executed in kernel mode. When control is given to a user application, the mode is set to user mode. Eventually, control is switched back to the OS via an interrupt, a trap, or a system call.
  • System calls provide the means for a user program to ask the OS to perform tasks reserved for the OS on the user program's behalf.
  • A system call usually takes the form of a trap to a specific location in the interrupt vector.
  • When a system call is executed, it is treated by the hardware as a software interrupt. Control passes through the interrupt vector to a service routine in the OS, and the mode bit is set to kernel mode.

Transition between modes:

The transition is usually caused by one of the following:
  • Fault (e.g. a page fault or some other exception caused by executing an instruction)
  • Interrupt (e.g. a keyboard interrupt or I/O finishing)
  • Trap (e.g. a system call)
What normally happens is that the system checks the Interrupt Descriptor Table (IDT, the x86 name for the interrupt vector). Each exception (interrupt, fault, etc.) has a number (its vector) associated with it which is used to index into this table.
From this table the CPU can determine the interrupt handler to run.
As part of the transition the following changes (generally) take effect:
  • Switch to the kernel stack
  • EFLAGS is saved
  • Code segment selector and EIP are saved
  • Stack segment selector and stack pointer are saved
  • Start executing the interrupt handler
  • The general-purpose registers are saved (handler's job)
  • Segment selectors are changed to kernel ones (handler's job)
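The two transitions described above (a privileged instruction trapped in user mode, and the legitimate trap via a system call) can be observed from a Linux user program. This is an added example, not part of the original post; it assumes Linux and either an x86 or AArch64 CPU, and the choice of privileged instruction per architecture is mine.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/* One instruction that is legal only in kernel mode (ring 0 / EL1).
 * The hardware refuses to execute it in user mode and traps to the OS,
 * which reports the trap back to the process as a signal. */
#if defined(__x86_64__) || defined(__i386__)
#  define PRIVILEGED_INSN() __asm__ volatile("hlt")              /* #GP -> SIGSEGV */
#elif defined(__aarch64__)
#  define PRIVILEGED_INSN() __asm__ volatile("mrs x0, sctlr_el1" ::: "x0") /* SIGILL */
#else
#  error "add a privileged instruction for this architecture"
#endif

static sigjmp_buf trap_env;
static volatile sig_atomic_t trap_signal = 0;

/* Runs after the kernel has handled the trap and returned to user mode. */
static void on_trap(int signo) {
    trap_signal = signo;
    siglongjmp(trap_env, 1);       /* resume past the refused instruction */
}

/* Returns 1 if the privileged instruction was trapped, 0 if it executed. */
int privileged_instruction_traps(void) {
    struct sigaction sa, old_segv, old_ill;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_trap;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGILL,  &sa, &old_ill);
    trap_signal = 0;
    if (sigsetjmp(trap_env, 1) == 0)
        PRIVILEGED_INSN();
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGILL,  &old_ill,  NULL);
    return trap_signal != 0;
}

/* The sanctioned way into kernel mode: a system call (a trap). */
long raw_getpid(void) { return syscall(SYS_getpid); }

int main(void) {
    printf("privileged instruction trapped: %d (signal %d)\n",
           privileged_instruction_traps(), (int)trap_signal);
    printf("getpid via system call trap: %ld\n", raw_getpid());
    return 0;
}
```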

Useful Links:
http://www.codinghorror.com/blog/2008/01/understanding-user-and-kernel-mode.html
